HoneyMCP
A Deception Security Layer for MCP Servers. It injects "ghost tools" (fake security-sensitive tools) that act as honeypots.
claude mcp add --transport stdio barvhaim-honeymcp python -m honeymcp \ --env OPENAI_API_KEY="your-openai-api-key" \ --env HONEYMCP_LOG_LEVEL="INFO"
How to use
HoneyMCP adds deception capabilities to a FastMCP server by injecting ghost tools that mimic security-sensitive utilities. When integrated, attackers interacting with your MCP server may discover these honeypots, which capture tool invocation data, arguments, and session metadata while presenting synthetic results. The system supports two protection modes: SCANNER (default), which locks out further tool calls after a honeypot is triggered, and COGNITIVE, which continues to respond with fake data to keep attackers engaged. You can enable HoneyMCP with a single line of code to wrap your existing MCP instance, and then run the MCP server as usual to start collecting telemetry and attack fingerprints.
How to install
Prerequisites:
- Python 3.11+ installed on the host
- pip available
- Access to install Python packages from PyPI
Installation steps:
-
Create a virtual environment (optional but recommended): python -m venv venv source venv/bin/activate # on Unix or venv\Scripts\activate.bat on Windows
-
Install HoneyMCP from PyPI: pip install honeymcp
-
Initialize configuration (optional but recommended): honeymcp init # Creates config files like honeymcp.yaml and .env.honeymcp
-
Run the MCP server with HoneyMCP integrated: python -m honeymcp
-
Set up quick integration in your FastMCP server code by wrapping your mcp instance with the honeypot protection (see README for usage examples): from honeymcp import honeypot mcp = honeypot(existing_mcp)
-
(Optional) Start the UI/dashboard if provided by the project: make run-ui
Additional notes
- The HoneymCP middleware relies on dynamic or static ghost tools. Dynamic mode generates domain-specific honeypots based on your server context, while static mode uses predefined generic honeypots.
- Telemetry and AttackFingerprint events are written to the user’s home directory under ~/.honeymcp/events/YYYY-MM-DD/HHMMSS_<session>.json (as described in the docs).
- For dynamic ghost tools, you will need LLM credentials configured in .env.honeymcp.
- If you encounter issues with OpenAI API calls, verify your OPENAI_API_KEY environment variable and network access. Restart the server after updating credentials.
- Protection mode can be tuned at runtime by configuring honeypot(mcp, protection_mode=ProtectionMode.COGNITIVE) for Cognitive mode or simply honeypot(mcp) for Scanner mode.
Related MCP Servers
PPTAgent
An Agentic Framework for Reflective PowerPoint Generation
mcp-playground
A Streamlit-based chat app for LLMs with plug-and-play tool support via Model Context Protocol (MCP), powered by LangChain, LangGraph, and Docker.
okta
The Okta MCP Server is a groundbreaking tool built by the team at Fctr that enables AI models to interact directly with your Okta environment using the Model Context Protocol (MCP). Built specifically for IAM engineers, security teams, and Okta administrators, it implements the MCP specification to help work with Okta enitities
Unified -Tool-Graph
Instead of dumping 1000+ tools into a model’s prompt and expecting it to choose wisely, the Unified MCP Tool Graph equips your LLM with structure, clarity, and relevance. It fixes tool confusion, prevents infinite loops, and enables modular, intelligent agent workflows.
MIST
MCP server empowering AI assistants with real-world capabilities: Gmail, Calendar, Tasks, Git integration, and note management. Bridges AI assistants to external services through standardized protocol with secure authentication.
pearl_mcp_server
A Model Context Protocol (MCP) server implementation that exposes Pearl's AI and Expert services through a standardized interface
